mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-27 06:03:48 +03:00
caddytls: Support ACME alt cert chain preferences
This commit is contained in:
parent
3db60e6cba
commit
95af4262a8
3 changed files with 9 additions and 3 deletions
2
go.mod
2
go.mod
|
@ -6,7 +6,7 @@ require (
|
||||||
github.com/Masterminds/sprig/v3 v3.1.0
|
github.com/Masterminds/sprig/v3 v3.1.0
|
||||||
github.com/alecthomas/chroma v0.8.0
|
github.com/alecthomas/chroma v0.8.0
|
||||||
github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a
|
github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a
|
||||||
github.com/caddyserver/certmagic v0.12.1-0.20201021150819-90d1550af48c
|
github.com/caddyserver/certmagic v0.12.1-0.20201112220015-12df2be5a021
|
||||||
github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac
|
github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac
|
||||||
github.com/go-chi/chi v4.1.2+incompatible
|
github.com/go-chi/chi v4.1.2+incompatible
|
||||||
github.com/google/cel-go v0.5.1
|
github.com/google/cel-go v0.5.1
|
||||||
|
|
4
go.sum
4
go.sum
|
@ -85,8 +85,8 @@ github.com/bombsimon/wsl/v2 v2.0.0/go.mod h1:mf25kr/SqFEPhhcxW1+7pxzGlW+hIl/hYTK
|
||||||
github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
|
github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
|
||||||
github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
|
github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g=
|
||||||
github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
|
github.com/buger/jsonparser v0.0.0-20181115193947-bf1c66bbce23/go.mod h1:bbYlZJ7hK1yFx9hf58LP0zeX7UjIGs20ufpu3evjr+s=
|
||||||
github.com/caddyserver/certmagic v0.12.1-0.20201021150819-90d1550af48c h1:IvUz1LXmHL2y3UVGbzmnvz5/2CA1rvurJA/AL4reKKI=
|
github.com/caddyserver/certmagic v0.12.1-0.20201112220015-12df2be5a021 h1:VY4JahIicW/GT84KoIm+TSKwMHj08NyPJhsGypTWJn4=
|
||||||
github.com/caddyserver/certmagic v0.12.1-0.20201021150819-90d1550af48c/go.mod h1:tr26xh+9fY5dN0J6IPAlMj07qpog22PJKa7Nw7j835U=
|
github.com/caddyserver/certmagic v0.12.1-0.20201112220015-12df2be5a021/go.mod h1:tr26xh+9fY5dN0J6IPAlMj07qpog22PJKa7Nw7j835U=
|
||||||
github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
github.com/census-instrumentation/opencensus-proto v0.2.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
|
||||||
github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
|
github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko=
|
||||||
|
|
|
@ -74,6 +74,11 @@ type ACMEIssuer struct {
|
||||||
// is internal or for development/testing purposes.
|
// is internal or for development/testing purposes.
|
||||||
TrustedRootsPEMFiles []string `json:"trusted_roots_pem_files,omitempty"`
|
TrustedRootsPEMFiles []string `json:"trusted_roots_pem_files,omitempty"`
|
||||||
|
|
||||||
|
// List of preferred certificate chains, by issuer's CommonName. If empty,
|
||||||
|
// or if no matching chain is found, the first chain offered by the server
|
||||||
|
// will be used.
|
||||||
|
PreferredChains []string `json:"preferred_chains,omitempty"`
|
||||||
|
|
||||||
rootPool *x509.CertPool
|
rootPool *x509.CertPool
|
||||||
template certmagic.ACMEManager
|
template certmagic.ACMEManager
|
||||||
magic *certmagic.Config
|
magic *certmagic.Config
|
||||||
|
@ -149,6 +154,7 @@ func (iss *ACMEIssuer) makeIssuerTemplate() (certmagic.ACMEManager, error) {
|
||||||
CertObtainTimeout: time.Duration(iss.ACMETimeout),
|
CertObtainTimeout: time.Duration(iss.ACMETimeout),
|
||||||
TrustedRoots: iss.rootPool,
|
TrustedRoots: iss.rootPool,
|
||||||
ExternalAccount: iss.ExternalAccount,
|
ExternalAccount: iss.ExternalAccount,
|
||||||
|
PreferredChains: iss.PreferredChains,
|
||||||
Logger: iss.logger,
|
Logger: iss.logger,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue